src/java.base/share/classes/sun/security/ssl/JsseJce.java
branchJDK-8145252-TLS13-branch
changeset 56542 56aaa6cb3693
parent 47216 71c04702a3d5
child 56692 7b0bde908f58
56541:92cbbfc996f3 56542:56aaa6cb3693
     1 /*
     1 /*
     2  * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
     2  * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
     3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
     4  *
     4  *
     5  * This code is free software; you can redistribute it and/or modify it
     5  * This code is free software; you can redistribute it and/or modify it
     6  * under the terms of the GNU General Public License version 2 only, as
     6  * under the terms of the GNU General Public License version 2 only, as
     7  * published by the Free Software Foundation.  Oracle designates this
     7  * published by the Free Software Foundation.  Oracle designates this
    23  * questions.
    23  * questions.
    24  */
    24  */
    25 
    25 
    26 package sun.security.ssl;
    26 package sun.security.ssl;
    27 
    27 
    28 import java.util.*;
       
    29 import java.math.BigInteger;
    28 import java.math.BigInteger;
    30 
       
    31 import java.security.*;
    29 import java.security.*;
    32 import java.security.interfaces.RSAPublicKey;
    30 import java.security.interfaces.RSAPublicKey;
    33 import java.security.spec.*;
    31 import java.security.spec.*;
    34 
    32 import java.util.*;
    35 import javax.crypto.*;
    33 import javax.crypto.*;
    36 
    34 import sun.security.jca.ProviderList;
    37 // explicit import to override the Provider class in this package
       
    38 import java.security.Provider;
       
    39 
       
    40 // need internal Sun classes for FIPS tricks
       
    41 import sun.security.jca.Providers;
    35 import sun.security.jca.Providers;
    42 import sun.security.jca.ProviderList;
    36 import static sun.security.ssl.SunJSSE.cryptoProvider;
    43 
       
    44 import sun.security.util.ECUtil;
    37 import sun.security.util.ECUtil;
    45 
       
    46 import static sun.security.ssl.SunJSSE.cryptoProvider;
       
    47 import static sun.security.util.SecurityConstants.PROVIDER_VER;
    38 import static sun.security.util.SecurityConstants.PROVIDER_VER;
    48 
    39 
    49 /**
    40 /**
    50  * This class contains a few static methods for interaction with the JCA/JCE
    41  * This class contains a few static methods for interaction with the JCA/JCE
    51  * to obtain implementations, etc.
    42  * to obtain implementations, etc.
    52  *
    43  *
    53  * @author  Andreas Sterbenz
    44  * @author  Andreas Sterbenz
    54  */
    45  */
    55 final class JsseJce {
    46 final class JsseJce {
       
    47     static final boolean ALLOW_ECC =
       
    48             Utilities.getBooleanProperty("com.sun.net.ssl.enableECC", true);
    56 
    49 
    57     private static final ProviderList fipsProviderList;
    50     private static final ProviderList fipsProviderList;
    58 
       
    59     // Flag indicating whether Kerberos crypto is available.
       
    60     // If true, then all the Kerberos-based crypto we need is available.
       
    61     private static final boolean kerberosAvailable;
       
    62     static {
       
    63         ClientKeyExchangeService p =
       
    64                 ClientKeyExchangeService.find("KRB5");
       
    65         kerberosAvailable = (p != null);
       
    66     }
       
    67 
    51 
    68     static {
    52     static {
    69         // force FIPS flag initialization
    53         // force FIPS flag initialization
    70         // Because isFIPS() is synchronized and cryptoProvider is not modified
    54         // Because isFIPS() is synchronized and cryptoProvider is not modified
    71         // after it completes, this also eliminates the need for any further
    55         // after it completes, this also eliminates the need for any further
   179     static boolean isEcAvailable() {
   163     static boolean isEcAvailable() {
   180         return EcAvailability.isAvailable;
   164         return EcAvailability.isAvailable;
   181     }
   165     }
   182 
   166 
   183     static boolean isKerberosAvailable() {
   167     static boolean isKerberosAvailable() {
   184         return kerberosAvailable;
   168         return false;
   185     }
   169     }
   186 
   170 
   187     /**
   171     /**
   188      * Return an JCE cipher implementation for the specified algorithm.
   172      * Return an JCE cipher implementation for the specified algorithm.
   189      */
   173      */
   297             // ignore
   281             // ignore
   298         }
   282         }
   299         for (Provider.Service s : cryptoProvider.getServices()) {
   283         for (Provider.Service s : cryptoProvider.getServices()) {
   300             if (s.getType().equals("SecureRandom")) {
   284             if (s.getType().equals("SecureRandom")) {
   301                 try {
   285                 try {
   302                     return SecureRandom.getInstance(s.getAlgorithm(), cryptoProvider);
   286                     return SecureRandom.getInstance(
       
   287                             s.getAlgorithm(), cryptoProvider);
   303                 } catch (NoSuchAlgorithmException ee) {
   288                 } catch (NoSuchAlgorithmException ee) {
   304                     // ignore
   289                     // ignore
   305                 }
   290                 }
   306             }
   291             }
   307         }
   292         }
   392     // lazy initialization holder class idiom for static default parameters
   377     // lazy initialization holder class idiom for static default parameters
   393     //
   378     //
   394     // See Effective Java Second Edition: Item 71.
   379     // See Effective Java Second Edition: Item 71.
   395     private static class EcAvailability {
   380     private static class EcAvailability {
   396         // Is EC crypto available?
   381         // Is EC crypto available?
   397         private final static boolean isAvailable;
   382         private static final boolean isAvailable;
   398 
   383 
   399         static {
   384         static {
   400             boolean mediator = true;
   385             boolean mediator = true;
   401             try {
   386             try {
   402                 JsseJce.getSignature(SIGNATURE_ECDSA);
   387                 JsseJce.getSignature(SIGNATURE_ECDSA);
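Review bot: `isKerberosAvailable()` (new line 168) now returns a hard-coded `false` while the method itself stays, so any caller that still gates KRB5 cipher suites on it will silently drop them, and nothing in the file says why. If Kerberos key exchange is intentionally unsupported on this branch, either remove the method together with its call sites or mark the stub, e.g. `// KRB5 cipher suites are not supported on this branch; always unavailable.` The new `ALLOW_ECC` field (new lines 47-48) is also undocumented, and the visible `isEcAvailable()` does not consult it, so a caller outside this view that checks only `isEcAvailable()` would presumably ignore `com.sun.net.ssl.enableECC=false`. A comment such as `// Operator switch for EC cipher suites; check this in addition to isEcAvailable().` would make that contract explicit. The class body and the `EcAvailability` static initializer continue outside the rows shown here.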